Filter
AND

Software

protocol boxo
1
protocol go-bitfield
1
protocol go-codec-dagpb
1
protocol go-ipld-prime
1
protocol go-merkledag
1
protocol go-unixfs
1
protocol go-unixfsnode
1
protocol ipfs
1
protocol multihash
1

go/github.com/libp2p/go-libp2plibp2p nodes vulnerable to OOM attack

high
7.5
First published (updated )
CVE-2023-40583

Protocol BoxoBoxo bitswap/server: DOS unbounded persistent memory leak

high
8.2
First published (updated )
CVE-2023-25568

Protocol Go-unixfsgo-unixfs is an implementation of a unix-like filesystem on top of an ipld merkledag. Trying to read…

high
7.5
First published (updated )
CVE-2023-23625

Protocol Go-bitfieldgo-bitfield is a simple bitfield package for the go language aiming to be more performant that the s…

high
7.5
First published (updated )
CVE-2023-23626

Protocol Go-unixfsnodegithub.com/ipfs/go-unixfsnode is an ADL IPLD prime node that wraps go-codec-dagpb's implementation o…

high
7.5
First published (updated )
CVE-2023-23631

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

go/github.com/ipld/go-ipld-primego-ipld-prime json codec may panic if asked to encode bytes

high
7.5
First published (updated )
CVE-2023-22460

Protocol Go-codec-dagpbPanic when decoding invalid blocks in github.com/ipld/go-codec-dagpb

high
7.5
First published (updated )
CVE-2022-2584

Protocol Go-merkledagProtoNode may be modified such that common method calls may panic in ipfs/go-merkledag

high
7.5
First published (updated )
CVE-2022-23495

Libp2pgo-libp2p denial of service vulnerability from lack of resource management

high
7.5
First published (updated )
CVE-2022-23492

Libp2plibp2p denial of service vulnerability from lack of resource management

high
7.5
First published (updated )
CVE-2022-23487

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Libp2plibp2p-rust denial of service vulnerability from lack of resource management

high
7.5
First published (updated )
CVE-2022-23486

go-ipfsControl character injection in console output

high
8.8
First published (updated )
CVE-2020-26283

go-ipfsPath traversal

high
8.1
First published (updated )
CVE-2020-26279

Protocol MultihashAn issue was discovered in the multihash crate before 0.11.3 for Rust. The from_slice parsing code c…

high
7.8
First published (updated )
CVE-2020-35909

Protocol IpfsAn issue was discovered in IPFS (aka go-ipfs) 0.4.23. An attacker can generate ephemeral identities …

high
7.5
First published (updated )
CVE-2020-10937

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203